Legal

Privacy Policy

Webkype Info Services Pvt Ltd · Last Updated: April 5, 2026 · Effective: April 5, 2026

Contents

This Privacy Policy describes how Webkype Info Services Pvt Ltd collects, uses, stores, discloses, and protects personal information when you interact with our website, AI products, enterprise solutions, or SaaS platforms. By using our Services, you agree to the terms of this Policy.

Webkype is an AI product development company that designs and delivers AI software and applications on Enterprise and SaaS models globally. This Policy reflects our commitment to responsible AI development, global data privacy standards, and enterprise-grade security.

1. Scope and Applicability

This Policy applies to all individuals and entities that interact with Webkype's offerings, including:

Visitors to www.webkype.com
Enterprise clients using Webkype's custom AI solutions
SaaS subscribers using Webkype's cloud-based AI platforms
Business partners, vendors, and third-party collaborators
Employees, contractors, and prospective hires (to the extent described herein)
End users of AI applications developed or deployed by Webkype on behalf of clients

This Policy covers data processing activities in all countries in which Webkype operates or delivers services, including but not limited to India, the United States, the European Union, the United Kingdom, the Middle East, Southeast Asia, and other global markets.

2. Information We Collect

2.1 Personal Information You Provide Directly

Full name, designation, and professional title
Email address and phone number
Company name, industry, and size
Billing and payment information (processed via secured payment gateways)
Messages, queries, and support requests
Business requirements and project briefs
Any documents or files you share with us

2.2 Automatically Collected Technical Data

address and geographic location (country/region level)
Device type, operating system, and browser version
Pages visited, features used, and time spent
Referring URLs, session data, and click-stream data
API usage patterns and integration metadata
Error logs and performance diagnostics

2.3 AI Interaction and Product Usage Data

User inputs, prompts, queries, and commands submitted to AI systems
AI-generated outputs and responses
Model feedback, ratings, and correction data provided by users
Workflow and automation activity logs
Feature engagement and usage analytics within AI applications
Training data provided or approved by enterprise clients for model customization

Important: Webkype does not use client data or end-user inputs to train its general AI models without explicit, documented written consent from the data controller.

2.4 Enterprise and SaaS Client Data

When Webkype provides AI solutions to enterprise or SaaS clients, we may process business data on behalf of those clients as a data processor. This includes customer databases, CRM records, internal documents, workflows, employee/user account information, and transaction records. In such cases, the enterprise client is the data controller and Webkype acts as a data processor under a Data Processing Agreement (DPA).

2.5 Third-Party and Integration Data

Our AI products may integrate with third-party platforms (e.g., CRMs, ERPs, cloud storage, communication tools). Data exchanged through such integrations is handled per the terms of applicable integration agreements and this Policy.

3. How We Use Your Information

3.1 Service Delivery and Operations

Providing, operating, and maintaining our AI products and services
Processing client onboarding, contracts, and account management
Delivering enterprise AI implementations and SaaS subscriptions
Providing technical support, helpdesk services, and customer success
Enabling integrations with client systems and third-party platforms

3.2 AI Product Development and Improvement

Improving performance, accuracy, and reliability of our AI models
Conducting internal research and development on AI capabilities
Testing, validating, and monitoring AI system outputs
Detecting and correcting biases, errors, and model drift

3.3 Business and Commercial Purposes

Responding to inquiries, proposals, and sales requests
Billing, invoicing, and financial transaction processing
Sending product updates, newsletters, and marketing communications (with consent)
Managing partner and vendor relationships

3.4 Legal, Compliance, and Security

Complying with applicable laws, regulations, and legal obligations
Enforcing contractual terms, policies, and intellectual property rights
Preventing fraud, unauthorized access, and security incidents
Maintaining records required by law or contract

4. Legal Basis for Processing

Legal Basis	When Applied
Contractual Necessity	Processing required to fulfill a contract with you or your organization
Legitimate Interests	Processing for our business operations, product improvement, and security
Consent	Marketing communications, optional analytics, AI model training with client data
Legal Obligation	Compliance with applicable laws, tax requirements, and court orders
Vital Interests	In rare cases where processing is necessary to protect life or safety

5. Sharing and Disclosure of Information

Webkype does not sell, rent, or trade your personal information. We may share your information only under the following circumstances:

5.1 Service Providers and Technology Partners

We engage trusted third-party vendors to support our operations, including cloud infrastructure providers, payment processors, analytics platforms, communication tools, and security services. These parties are bound by confidentiality and data protection obligations.

5.2 Enterprise Client Relationships

Where Webkype processes data on behalf of enterprise clients, data may be shared with the client's authorized personnel and integrated systems as specified in the relevant service agreement and DPA.

5.3 AI Ecosystem Partners

Webkype may collaborate with AI model providers, research institutions, or technology partners for product development. Any data sharing in such context is governed by strict contractual protections.

5.4 Legal and Regulatory Requirements

We may disclose information when required by applicable law, court order, government authority, or to protect Webkype's rights, property, safety, or that of our users.

5.5 Business Transfers

In the event of a merger, acquisition, asset sale, or corporate restructuring, user information may be transferred as part of business assets, subject to equivalent privacy protections.

5.6 Aggregated and Anonymized Data

We may share aggregated, de-identified, or anonymized data that cannot reasonably be used to identify you, for research, benchmarking, or marketing purposes.

6. AI-Specific Data Practices

6.1 AI Model Training and Data Usage

Webkype does not use personally identifiable information to train general AI models without explicit consent
Enterprise client data used for model fine-tuning is governed by a separate DPA
Anonymized or synthetic data may be used to improve AI model accuracy
Model outputs are not sold or shared with unauthorized third parties

6.2 Automated Decision-Making

Some Webkype products may involve automated processing that produces decisions or recommendations. Where such decisions have significant effects on individuals, we ensure transparency, the right to request human review, and compliance with applicable laws (e.g., GDPR Article 22).

6.3 AI Bias and Fairness

Webkype is committed to ethical AI development. We conduct regular audits of our AI systems to detect and mitigate bias, ensure fairness, and prevent discriminatory outputs.

6.4 Explainability and Transparency

Where technically feasible, we provide clients and users with meaningful explanations of AI-driven outputs and the factors influencing them.

6.5 AI Output Responsibility

Webkype's AI systems are decision-support tools. Clients and end-users retain responsibility for decisions made using AI-generated outputs. Webkype is not liable for decisions made solely on the basis of AI recommendations without appropriate human oversight.

7. International Data Transfers

Webkype operates globally and may transfer personal data across international borders. We ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs), adequacy decisions, Binding Corporate Rules (BCRs), compliance with India's DPDPA 2023, and applicable US state privacy laws.

8. Data Retention

Data Category	Retention Period	Basis
Website inquiry data	2 years	Legitimate interest
Client contract data	7 years post-contract	Legal obligation
AI interaction logs	1 year (anonymized after 90 days)	Service improvement
Billing and payment records	7 years	Tax/legal compliance
Security and access logs	1 year	Security monitoring
Marketing consent records	Until consent withdrawn	Consent
Employee/HR data	Per applicable labour law	Legal obligation

9. Data Security

9.1 Technical Safeguards

AES-256 encryption for data at rest; TLS 1.3 for data in transit
Multi-factor authentication (MFA) for all internal systems
Role-based access control (RBAC) limiting data access to authorized personnel
Regular penetration testing, vulnerability scanning, and security audits
Secure Software Development Lifecycle (SSDLC) practices
AI model security testing against adversarial inputs and prompt injection

9.2 Organizational Safeguards

Mandatory data privacy training for all employees and contractors
Data Protection Officer (DPO) overseeing compliance
Vendor security assessments before onboarding third-party providers
Privacy-by-Design and Privacy-by-Default principles embedded in product development

9.3 Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, Webkype will notify affected parties and relevant regulatory authorities within the timeframes required by applicable law (e.g., 72 hours under GDPR; as required under India's DPDPA; and applicable US state laws).

10. Cookies and Tracking Technologies

Webkype uses cookies, web beacons, pixels, and similar tracking technologies on its website and digital products to enable essential functionality, analyze traffic, personalize content, and support marketing. You can manage cookie preferences through your browser settings or our cookie consent interface.

For detailed information on cookies used, please refer to our .

11. Your Data Rights

Right	Description
Right to Access	Request a copy of the personal data we hold about you
Right to Rectification	Request correction of inaccurate or incomplete data
Right to Erasure	Request deletion of your data, subject to legal obligations
Right to Portability	Receive your data in a machine-readable format for transfer
Right to Restrict Processing	Request that we limit how we use your data
Right to Object	Object to processing based on legitimate interests or for direct marketing
Right to Withdraw Consent	Withdraw consent at any time for consent-based processing
Right Against Automated Decisions	Request human review of significant automated decisions
Right to Lodge a Complaint	File a complaint with your relevant data protection authority

To exercise your rights, please contact us at gajenn@webkype.com. We will respond within 30 days (or within the timeframe required by your applicable law).

12. Regional and Regulatory Compliance

12.1 India — Digital Personal Data Protection Act (DPDPA) 2023

Webkype is incorporated in India and complies with the DPDPA 2023, including maintaining transparency about data processing, honouring data principal rights, and observing restrictions on cross-border transfers.

12.2 European Union — GDPR

For users in the EU and EEA, Webkype complies with the General Data Protection Regulation (GDPR), including lawful basis for processing, data subject rights, and data transfer mechanisms.

12.3 United Kingdom — UK GDPR

Webkype's practices align with the UK GDPR and the Data Protection Act 2018 for users in the United Kingdom.

12.4 United States — State Privacy Laws

Webkype acknowledges and seeks to comply with applicable US state privacy laws including CCPA/CPRA, CDPA (Virginia), CPA (Colorado), and other applicable state regulations. California residents may opt out of data sales — Webkype does not sell personal data.

12.5 Other Jurisdictions

For clients in the Middle East, Southeast Asia, Australia, Canada, and other regions, Webkype seeks to comply with applicable local data protection laws. Enterprise clients may request region-specific DPAs.

13. Intellectual Property and AI Ownership

All content, trademarks, logos, and product names on our website — including AICHA™, ConGen™, DigiMee™, AICA-CRM™, and other Webkype offerings — are the exclusive property of Webkype Info Services Pvt Ltd. Client data uploaded through Webkype's platforms remains the property of the client. Webkype claims no ownership rights over client data and processes it only as instructed.

14. Third-Party Links, Integrations, and Services

Our website and AI products may contain links to or integrate with third-party platforms, APIs, and services. Webkype is not responsible for the privacy practices or content of these third parties. We recommend reviewing the privacy policies of all third-party services you access in connection with our products.

15. Children's Privacy

Webkype's Services are not directed at individuals under the age of 18. We do not knowingly collect personal information from minors. If you are a parent or guardian and believe your child has submitted information to us, please contact us at gajenn@webkype.com and we will take prompt steps to delete such information.

16. SaaS Platform-Specific Privacy Terms

SaaS subscribers are responsible for maintaining the security of their account credentials. Webkype's SaaS platforms use logical data isolation to ensure strict tenant separation. Clients may export their data at any time during their subscription. Upon contract termination, client data will be available for export for 30 days, after which it will be securely deleted unless retention is required by law.

17. Enterprise Deployment Privacy Terms

Enterprise clients processing personal data through Webkype's solutions will enter into a Data Processing Agreement (DPA) defining roles, processing instructions, security measures, sub-processor lists, and data subject rights mechanisms. For on-premise or private cloud deployments, data does not leave the client's infrastructure. Enterprise clients may request privacy and security audits, and we can provide relevant certifications (e.g., SOC 2, ISO 27001) upon request.

18. Changes to This Privacy Policy

Webkype may update this Privacy Policy periodically to reflect changes in our practices, products, technologies, or legal requirements. When we make material changes, we will post the updated Policy on our website with a revised "Last Updated" date and notify registered users and enterprise clients by email. Continued use of our Services after changes are posted constitutes acceptance of the updated Policy.

19. Grievance Redressal and Data Protection Officer

Webkype has appointed a Data Protection Officer (DPO) / Grievance Officer responsible for overseeing data protection compliance. If you have concerns about your data or this Policy:

Data Protection / Grievance Officer
Webkype Info Services Pvt Ltd
Email: gajenn@webkype.com | gajenn@webkype.com
Phone: +91 8130352808, +91 9953323804
Website: www.webkype.com
Address: T4: 1502-04, NX ONE BUSINESS PARK, Greater Noida (W) Rd, Sec 4, UP, India 201016

We will respond to data-related grievances within 30 days of receipt.

20. Governing Law and Jurisdiction

This Privacy Policy is governed by the laws of India, including the Digital Personal Data Protection Act, 2023, the Information Technology Act, 2000, and rules thereunder. Any disputes arising from this Policy shall be subject to the jurisdiction of courts in Greater Noida / Delhi NCR, India, unless otherwise agreed in writing.

Webkype Info Services Pvt Ltd
Building Responsible AI for the World
www.webkype.com | gajenn@webkype.com | +91 8130352808, +91 9953323804